
Nir Goldshlager discovered a major privacy flaw in Facebook's OAuth system, the mechanism developers use to access your information every time you hit the "allow" button. Nir gained access to virtually anyone's entire Facebook account. He explained:
I found a way in to get full permissions (read inbox, outbox, manage pages, manage ads, read private photos, videos, etc.) over the victim account even without any installed apps on the victim account...
Just to clarify, there is no need for any installed apps on the victim's account. Even if the victim never allowed any application in his Facebook account, I could still get full permissions. This bug works on any browser.
Facebook has already fixed the problem. It seems we're discovering new security holes all the time! Check out the video below: [Nir Goldshlager via Daily Dot]